On Tue, 20 Dec 2005 08:01:27 +0600, Maciej Stachowiak <[EMAIL PROTECTED]>
wrote:
I don't think reading /dev/mouse will specifically do anything bad, but
I see your point. For file: in file: inclusion I think it would be wise
to exclude certain system paths such as /dev and /etc. I think this may
be done already.
I've just tried on my Opera for Linux. Opeing file:///dev/input/mice
(that's what I have instead of /dev/mouse) simply produces a blank page.
But opening file:///dev/random causes Opera to stop responding to UI.
I think it's the responsibility of the browser developer to know what
file: resources of the local OS are dangerous, and to avoid opening them.
For example, on Linux it would be a safe bet to avoid opening anything
than regular files (i.e. character specials, block specials, fifos etc).
-- Opera M2 9.0 TP1 on Debian Linux 2.6.12-1-k7
* Origin: X-Man's Station at SW-Soft, Inc. [ICQ: 115226275]
<[EMAIL PROTECTED]>
